Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/oBmzk-4w_nxRRovw90ozn8d01fA.roa
File: oBmzk-4w_nxRRovw90ozn8d01fA.roa (raw, json)
Hash identifier: liBrw1FnKKe83tYc4YW/a6yEmpqcOH+R/kQei1h6A9o=
Subject key identifier: A0:19:B3:93:EE:30:FE:7C:51:46:8B:F0:F7:4A:33:9F:C7:74:D5:F0
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DD7
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oBmzk-4w_nxRRovw90ozn8d01fA.roa
Signing time: Wed 29 Sep 2021 02:39:37 +0000
ROA not before: Wed 29 Sep 2021 02:39:37 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 7482
IP address blocks: 210.200.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3543 (0xdd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:37 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A019B393EE30FE7C51468BF0F74A339FC774D5F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c3:2a:43:c2:a9:08:75:ad:d6:bb:61:8a:84:
ec:c5:af:ea:a9:d0:70:8c:d9:63:31:e1:31:31:77:
0d:cb:75:45:46:d0:c8:b4:10:fe:5c:f7:a2:1c:bc:
70:e9:ac:14:34:ed:9f:c0:26:a9:6c:6e:f9:bf:cd:
8e:ee:c6:47:eb:f3:f8:e2:5b:a6:56:9d:02:12:e8:
21:cb:72:3a:b0:f7:35:44:cc:68:de:a1:71:bd:e7:
44:db:84:de:f4:bc:77:74:81:f6:6b:d9:4f:8f:51:
80:f1:d1:2c:d4:27:e3:64:9f:a9:26:bd:18:29:4c:
95:16:6e:4f:de:54:72:cb:9c:49:12:31:79:79:ac:
99:58:0a:be:bd:49:da:9e:51:26:13:7f:81:87:d8:
0c:48:b3:f8:09:65:87:1d:73:48:39:6e:6c:af:fc:
89:3c:48:df:6d:56:a8:25:40:c6:8d:b9:2c:99:11:
90:1a:e2:fb:8b:ab:19:4c:09:e5:fa:8e:d6:79:56:
19:15:89:fc:0a:8e:81:fb:58:ad:6f:d4:1c:91:ce:
92:5c:ca:8d:b4:ee:d1:57:65:08:1a:3a:ad:5b:32:
13:59:55:21:90:b0:3b:cd:8e:1d:fc:e2:63:86:7b:
38:d1:48:61:04:15:c2:56:4f:fd:4e:85:f5:6b:55:
ac:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:19:B3:93:EE:30:FE:7C:51:46:8B:F0:F7:4A:33:9F:C7:74:D5:F0
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oBmzk-4w_nxRRovw90ozn8d01fA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.192.0/18
Signature Algorithm: sha256WithRSAEncryption
38:83:da:80:6f:e9:da:04:8d:9b:26:96:33:22:60:71:ca:05:
ec:83:e9:78:d0:c4:24:49:57:a3:18:44:5e:43:1b:d9:0b:0b:
68:88:e6:b3:30:84:6d:82:f0:e9:5f:f6:15:04:b1:03:51:4e:
23:32:2d:86:89:e7:64:23:b2:76:a4:09:a9:bb:3e:74:2d:3c:
7d:7f:1d:87:43:90:c1:3a:7c:e1:1b:5e:4d:2a:3a:14:bf:23:
c0:7c:4a:b9:a9:65:07:03:02:1c:4b:49:e2:8e:61:e8:0f:f4:
11:67:ff:9e:6f:3a:4c:0d:8d:53:5a:fb:1a:ff:cd:6b:88:af:
37:d1:10:b6:f9:ae:ba:7b:18:23:b1:bc:34:f1:ca:65:9d:19:
fe:63:eb:2e:2b:5f:75:02:79:66:12:a7:28:74:50:41:15:97:
bd:d8:21:3f:ff:0d:b2:36:0c:79:95:21:c0:01:ab:61:0c:85:
3e:38:a4:4e:c0:ff:00:42:3e:ba:8f:4b:09:9a:d2:3d:2a:46:
0f:0c:58:ba:f9:d1:d2:53:12:1d:f2:c7:e2:29:50:b7:74:7b:
b7:5b:1b:1c:c0:29:84:49:d3:d5:55:a9:39:2a:f1:cf:87:87:
83:79:b2:4f:47:dd:07:66:91:d0:60:a1:0f:ad:ce:fe:55:3c:
93:56:0a:79
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MzdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEwMTlCMzkzRUUzMEZF
N0M1MTQ2OEJGMEY3NEEzMzlGQzc3NEQ1RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDowypDwqkIda3Wu2GKhOzFr+qp0HCM2WMx4TExdw3LdUVG0Mi0
EP5c96IcvHDprBQ07Z/AJqlsbvm/zY7uxkfr8/jiW6ZWnQIS6CHLcjqw9zVEzGje
oXG950TbhN70vHd0gfZr2U+PUYDx0SzUJ+Nkn6kmvRgpTJUWbk/eVHLLnEkSMXl5
rJlYCr69SdqeUSYTf4GH2AxIs/gJZYcdc0g5bmyv/Ik8SN9tVqglQMaNuSyZEZAa
4vuLqxlMCeX6jtZ5VhkVifwKjoH7WK1v1ByRzpJcyo207tFXZQgaOq1bMhNZVSGQ
sDvNjh384mOGezjRSGEEFcJWT/1OhfVrVaxTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUoBmzk+4w/nxRRovw90ozn8d01fAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvb0JtemstNHdfbnhSUm92dzkwb3pu
OGQwMWZBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAOIPagG/p2gSNmyaWMyJgccoF7IPpeNDEJElXoxhE
XkMb2QsLaIjmszCEbYLw6V/2FQSxA1FOIzIthonnZCOydqQJqbs+dC08fX8dh0OQ
wTp84RteTSo6FL8jwHxKuallBwMCHEtJ4o5h6A/0EWf/nm86TA2NU1r7Gv/Na4iv
N9EQtvmuunsYI7G8NPHKZZ0Z/mPrLitfdQJ5ZhKnKHRQQRWXvdghP/8NsjYMeZUh
wAGrYQyFPjikTsD/AEI+uo9LCZrSPSpGDwxYuvnR0lMSHfLH4ilQt3R7t1sbHMAp
hEnT1VWpOSrxz4eHg3myT0fdB2aR0GChD63O/lU8k1YKeQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:56 2023 by rpki-client on console-fra.rpki-client.org